Zefram said this, and I just had to respond:> > >Tried getting this patch through during 1.3; Linus rejected it as making> >it too easy for module to circumvent securelevel. The fix he wanted was> >write a functional interfaces so that it would be possible for ext2 to> >obtain the current securelevel settings, without being able to set it.[...]> A function such as you describe will effectively give away the address> of securelevel to malicious code (it knows where the function is and> doesn't need to do as much as a disassembly), but will still hinder> legitimate code. The obvious solution is to disallow loading/unloading> of modules at a sufficiently high securelevel.

Not to jump in or anything, but...How about a small kernel function to return the current securelevel value?int get_securelevel();Then export THAT to modules.